PATCH: support utilities should enable crypt() , current htdbm checks broken

Fri, 16 Mar 2007 08:31:02 -0800 

Support utilities should enable crypt() iff it is available.
Using the presence of <crypt.h> does not reliably determine if crypt() is
available.
Specifically z/OS supports crypt, but does not have <crypt.h >, so it is
broken when checking APR_HAVE_CRYPT_H.

Added crypt to AC_CHECK_FUNCS in httpd's configure.in, this creates a
HAVE_CRYPT define. Then changed the checks in htpasswd.c and htdbm.c to
check HAVE_CRYPT.

This will let htdbm.c determine crypt() support accurately (it currently
checks APR_HAVE_CRYPT_H) and htpasswd.c use a more concise and consistent
check (it currently checks if OS = WIN32 || TPF || NETWARE)


Note: This also fixes a TPF bug as they need to switch from crypt to MD5
like the other systems who don't have crypt:
  Currently the check to automatically switch from using crypt to md5 is:
            #if !(defined(WIN32) || defined(NETWARE))
  All other checks for not supporting crypt in htdbm.c are:
            #if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
  From the man page for htpasswd:
          -d     Use crypt() encryption for passwords. The default on  all
plat-
                 forms but Windows, Netware and TPF. Though possibly
supported by
                 htpasswd on all platforms, it is  not  supported  by  the
httpd
                 server on Windows, Netware and TPF



Index: configure.in
===================================================================
--- configure.in        (revision 518254)
+++ configure.in        (working copy)
@@ -389,6 +389,7 @@

dnl ## Check for library functions
AC_SEARCH_LIBS(sqrt, m)
+AC_SEARCH_LIBS(crypt, crypt ufc)

dnl See Comment #Spoon

@@ -399,6 +400,7 @@
bindprocessor \
prctl \
timegm \
+crypt
)

dnl confirm that a void pointer is large enough to store a long integer

Index: support/htdbm.c
===================================================================
--- support/htdbm.c    (revision 494665)
+++ support/htdbm.c    (working copy)
@@ -29,6 +29,7 @@
#include "apr_file_info.h"
#include "apr_pools.h"
#include "apr_signal.h"
+#include "ap_config.h"
#include "apr_md5.h"
#include "apr_sha1.h"
#include "apr_dbm.h"
@@ -69,7 +70,7 @@
#define ALG_APMD5 1
#define ALG_APSHA 2

-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
#define ALG_CRYPT 3
#endif

@@ -311,12 +312,12 @@
        case ALG_PLAIN:
            /* XXX this len limitation is not in sync with any HTTPd len.
*/
            apr_cpystrn(cpw,htdbm->userpass,sizeof(cpw));
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
            fprintf(stderr, "Warning: Plain text passwords aren't supported
by the "
                    "server on this platform!\n");
#endif
        break;
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
        case ALG_CRYPT:
            (void) srand((int) time((time_t *) NULL));
            to64(&salt[0], rand(), 8);
@@ -347,7 +348,7 @@
static void htdbm_usage(void)
{

-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
#define CRYPT_OPTION "d"
#else
#define CRYPT_OPTION ""
@@ -367,7 +368,7 @@
    fprintf(stderr, "   -c   Create a new database.\n");
    fprintf(stderr, "   -n   Don't update database; display results on
stdout.\n");
    fprintf(stderr, "   -m   Force MD5 encryption of the password
(default).\n");
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
    fprintf(stderr, "   -d   Force CRYPT encryption of the password (now
deprecated).\n");
#endif
    fprintf(stderr, "   -p   Do not encrypt the password (plaintext).\n");
@@ -474,7 +475,7 @@
            case 's':
                h->alg = ALG_APSHA;
                break;
-#if APR_HAVE_CRYPT_H
+#ifdef HAVE_CRYPT
            case 'd':
                h->alg = ALG_CRYPT;
                break;

Index: support/htpasswd.c
===================================================================
--- support/htpasswd.c    (revision 494665)
+++ support/htpasswd.c    (working copy)
@@ -45,6 +45,7 @@
#include "apr_file_io.h"
#include "apr_general.h"
#include "apr_signal.h"
+#include "ap_config.h"

#if APR_HAVE_STDIO_H
#include <stdio.h>
@@ -175,7 +176,7 @@
        apr_cpystrn(cpw,pw,sizeof(cpw));
        break;

-#if !(defined(WIN32) || defined(NETWARE))
+#ifdef HAVE_CRYPT
    case ALG_CRYPT:
    default:
        (void) srand((int) time((time_t *) NULL));
@@ -215,12 +216,12 @@
    apr_file_printf(errfile, " -n  Don't update file; display results on "
                    "stdout." NL);
    apr_file_printf(errfile, " -m  Force MD5 encryption of the password"
-#if defined(WIN32) || defined(TPF) || defined(NETWARE)
+#ifndef HAVE_CRYPT
        " (default)"
#endif
        "." NL);
    apr_file_printf(errfile, " -d  Force CRYPT encryption of the password"
-#if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
+#ifdef HAVE_CRYPT
            " (default)"
#endif
            "." NL);
@@ -435,14 +436,14 @@
    check_args(pool, argc, argv, &alg, &mask, &user, &pwfilename,
&password);


-#if defined(WIN32) || defined(NETWARE)
+#ifndef HAVE_CRYPT
    if (alg == ALG_CRYPT) {
        alg = ALG_APMD5;
        apr_file_printf(errfile, "Automatically using MD5 format." NL);
    }
#endif

-#if (!(defined(WIN32) || defined(TPF) || defined(NETWARE)))
+#ifdef HAVE_CRYPT
    if (alg == ALG_PLAIN) {
        apr_file_printf(errfile,"Warning: storing passwords as plain text "
                        "might just not work on this platform." NL);

Reply via email to